Compare commits

..

10 Commits

21 changed files with 231 additions and 110 deletions

1
.gitignore vendored
View File

@ -10,6 +10,7 @@
*.dylib
go-cook
*.db
*.env
# Test binary, built with `go test -c`
*.test

4
api/domain/dto.go Normal file
View File

@ -0,0 +1,4 @@
package domain
type UserDto struct {
}

21
api/domain/entities.go Normal file
View File

@ -0,0 +1,21 @@
package domain
import "time"
type UserEntity struct {
Id int
CreatedAt time.Time
LastUpdated time.Time
Name string
Hash string
Scopes string
}
type RecipeEntity struct {
Id int32
CreatedAt time.Time
LastUpdated time.Time
Title string
Thumbnail string
Content string
}

6
api/domain/models.go Normal file
View File

@ -0,0 +1,6 @@
package domain
type EnvConfig struct {
AdminToken string
JwtSecret string
}

5
api/domain/requests.go Normal file
View File

@ -0,0 +1,5 @@
package domain
type HelloBodyRequest struct {
Name string `json:"name" validate:"required"`
}

12
api/domain/responses.go Normal file
View File

@ -0,0 +1,12 @@
package domain
type ErrorResponse struct {
HttpCode int `json:"code"`
Message string `json:"message"`
}
type HelloWhoResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Message string `json:"message"`
}

8
api/domain/scopes.go Normal file
View File

@ -0,0 +1,8 @@
package domain
const (
ScopeAll = "all"
ScopeRecipeRead = "recipe:read"
ScopeRecipeCreate = "recipe:create"
ScopeRecipeDelete = "recipe:delete"
)

View File

@ -2,9 +2,10 @@ package v1
import (
"errors"
"go-cook/api/models"
"go-cook/api/domain"
"go-cook/api/repositories"
"net/http"
"strings"
"time"
"github.com/golang-jwt/jwt/v5"
@ -15,19 +16,57 @@ const (
ErrJwtMissing = "auth token is missing"
ErrJwtClaimsMissing = "claims missing on token"
ErrJwtExpired = "auth token has expired"
ErrJwtScopeMissing = "required scope is missing"
)
type JwtToken struct {
Exp time.Time `json:"exp"`
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
Token string `json:"token"`
Scopes []string `json:"scopes"`
jwt.RegisteredClaims
}
func generateJwt(username string) (string, error) {
//TODO use env here
secret := []byte("ThisIsABadSecretDontReallyUseThis")
func (j JwtToken) IsValid(scope string) error {
err := j.hasExpired()
if err != nil {
return err
}
err = j.hasScope(scope)
if err != nil {
return err
}
return nil
}
func (j JwtToken) hasExpired() error {
// Check to see if the token has expired
hasExpired := j.Exp.Compare(time.Now())
if hasExpired == -1 {
return errors.New(ErrJwtExpired)
}
return nil
}
func (j JwtToken) hasScope(scope string) error {
// they have the scope to access everything, so let them pass.
if strings.Contains(domain.ScopeAll, scope) {
return nil
}
for _, s := range j.Scopes {
if strings.Contains(s, scope) {
return nil
}
}
return errors.New(ErrJwtScopeMissing)
}
func (h *Handler) generateJwt(username string) (string, error) {
secret := []byte(h.Config.JwtSecret)
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
@ -35,6 +74,10 @@ func generateJwt(username string) (string, error) {
claims["authorized"] = true
claims["username"] = username
var scopes []string
scopes = append(scopes, domain.ScopeRecipeRead)
claims["scopes"] = scopes
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
@ -50,7 +93,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
// if we have an err, validate that if its not user not found.
// if the user is not found, we can use that name
if err.Error() != repositories.ErrUserNotFound {
return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
HttpCode: http.StatusInternalServerError,
Message: err.Error(),
})
@ -60,7 +103,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
password := c.QueryParam("password")
err = h.UserService.CheckPasswordForRequirements(password)
if err != nil {
return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
HttpCode: http.StatusInternalServerError,
Message: err.Error(),
})
@ -68,7 +111,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
_, err = h.userRepo.Create(username, password)
if err != nil {
return c.JSON(http.StatusInternalServerError, models.ErrorResponse{
return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
HttpCode: http.StatusInternalServerError,
Message: err.Error(),
})
@ -93,7 +136,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
return c.JSON(http.StatusInternalServerError, err)
}
token, err := generateJwt(username)
token, err := h.generateJwt(username)
if err != nil {
return c.JSON(http.StatusInternalServerError, err)
}
@ -101,6 +144,10 @@ func (h *Handler) AuthLogin(c echo.Context) error {
return c.JSON(http.StatusOK, token)
}
func (h *Handler) AddScope(c echo.Context) error {
}
func (h *Handler) RefreshJwtToken(c echo.Context) error {
return nil
}
@ -118,11 +165,5 @@ func (h *Handler) getJwtToken(c echo.Context) (JwtToken, error) {
return JwtToken{}, errors.New(ErrJwtClaimsMissing)
}
// Check to see if the token has expired
hasExpired := claims.Exp.Compare(time.Now())
if hasExpired == -1 {
return JwtToken{}, errors.New(ErrJwtExpired)
}
return *claims, nil
}

View File

@ -2,20 +2,14 @@ package v1
import (
"fmt"
"go-cook/api/models"
"go-cook/api/domain"
"net/http"
"github.com/labstack/echo/v4"
)
type HelloWhoResponse struct {
Success bool `json:"success"`
Error string `error:"error"`
Message string `json:"message"`
}
func (h *Handler) DemoHello(c echo.Context) error {
return c.JSON(http.StatusOK, HelloWhoResponse{
return c.JSON(http.StatusOK, domain.HelloWhoResponse{
Success: true,
Message: "Hello world!",
})
@ -23,27 +17,23 @@ func (h *Handler) DemoHello(c echo.Context) error {
func (h *Handler) HelloWho(c echo.Context) error {
name := c.Param("who")
return c.JSON(http.StatusOK, HelloWhoResponse{
return c.JSON(http.StatusOK, domain.HelloWhoResponse{
Success: true,
Message: fmt.Sprintf("Hello, %s", name),
})
}
type HelloBodyRequest struct {
Name string `json:"name" validate:"required"`
}
func (h *Handler) HelloBody(c echo.Context) error {
request := HelloBodyRequest{}
request := domain.HelloBodyRequest{}
err := (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil {
return c.JSON(http.StatusBadRequest, HelloWhoResponse{
return c.JSON(http.StatusBadRequest, domain.HelloWhoResponse{
Success: false,
Error: err.Error(),
})
}
return c.JSON(http.StatusOK, HelloWhoResponse{
return c.JSON(http.StatusOK, domain.HelloWhoResponse{
Success: true,
Message: fmt.Sprintf("Hello, %s", request.Name),
})
@ -52,10 +42,12 @@ func (h *Handler) HelloBody(c echo.Context) error {
func (h *Handler) ProtectedRoute(c echo.Context) error {
token, err := h.getJwtToken(c)
if err != nil {
return c.JSON(http.StatusForbidden, models.ErrorResponse{
HttpCode: http.StatusForbidden,
Message: err.Error(),
})
h.ReturnUnauthorizedResponse(c, err.Error())
}
err = token.IsValid(domain.ScopeRecipeRead)
if err != nil {
h.ReturnUnauthorizedResponse(c, ErrJwtScopeMissing)
}
return c.JSON(http.StatusOK, token)

View File

@ -2,8 +2,10 @@ package v1
import (
"database/sql"
"go-cook/api/domain"
"go-cook/api/repositories"
"go-cook/api/services"
"net/http"
"github.com/golang-jwt/jwt/v5"
echojwt "github.com/labstack/echo-jwt/v4"
@ -11,13 +13,16 @@ import (
)
type Handler struct {
Config domain.EnvConfig
UserService services.UserService
userRepo repositories.IUserTable
recipeRepo repositories.IRecipeTable
}
func NewHandler(conn *sql.DB) *Handler {
func NewHandler(conn *sql.DB, cfg domain.EnvConfig) *Handler {
return &Handler{
Config: cfg,
UserService: services.NewUserService(conn),
userRepo: repositories.NewUserRepository(conn),
recipeRepo: repositories.NewRecipeRepository(conn),
@ -29,7 +34,7 @@ func (h *Handler) Register(v1 *echo.Group) {
NewClaimsFunc: func(c echo.Context) jwt.Claims {
return new(JwtToken)
},
SigningKey: []byte("ThisIsABadSecretDontReallyUseThis"),
SigningKey: []byte(h.Config.JwtSecret),
}
v1.POST("/login", h.AuthLogin)
@ -53,3 +58,10 @@ func (h *Handler) Register(v1 *echo.Group) {
//users.POST("/login", h.LoginUser)
//users.POST("/update/password", h.UpdatePassword)
}
func (h *Handler) ReturnUnauthorizedResponse(c echo.Context, message string) error {
return c.JSON(http.StatusUnauthorized, domain.ErrorResponse{
HttpCode: http.StatusUnauthorized,
Message: message,
})
}

View File

@ -0,0 +1,10 @@
-- +goose Up
-- +goose StatementBegin
SELECT 'up SQL query';
ALTER Table USERS ADD Scopes TEXT;
-- +goose StatementEnd
-- +goose Down
-- +goose StatementBegin
SELECT 'down SQL query';
ALTER TABLE USERS DROP COLUMN Scopes;
-- +goose StatementEnd

View File

@ -1,12 +0,0 @@
package models
import "time"
type RecipeModel struct {
Id int32
Title string
Thumbnail string
Content string
CreatedAt time.Time
LastUpdated time.Time
}

View File

@ -1,6 +0,0 @@
package models
type ErrorResponse struct {
HttpCode int `json:"code"`
Message string `json:"message"`
}

View File

@ -1,15 +0,0 @@
package models
import "time"
type UserModel struct {
Id int
Name string
Hash string
CreatedAt time.Time
LastUpdated time.Time
}
type UserDto struct {
}

View File

@ -3,14 +3,14 @@ package repositories
import (
"database/sql"
"errors"
"go-cook/api/models"
"go-cook/api/domain"
)
type IRecipeTable interface {
Create(models.RecipeModel) error
List() ([]models.RecipeModel, error)
Get(id int) (models.RecipeModel, error)
Update(id int, entity models.RecipeModel) error
Create(domain.RecipeEntity) error
List() ([]domain.RecipeEntity, error)
Get(id int) (domain.RecipeEntity, error)
Update(id int, entity domain.RecipeEntity) error
Delete(id int) error
}
@ -24,19 +24,19 @@ func NewRecipeRepository(client *sql.DB) RecipeRepository {
}
}
func (rr RecipeRepository) Create(models.RecipeModel) error {
func (rr RecipeRepository) Create(domain.RecipeEntity) error {
return errors.New("not implemented")
}
func (rr RecipeRepository) List() ([]models.RecipeModel, error) {
return []models.RecipeModel{}, errors.New("not implemented")
func (rr RecipeRepository) List() ([]domain.RecipeEntity, error) {
return []domain.RecipeEntity{}, errors.New("not implemented")
}
func (rr RecipeRepository) Get(id int) (models.RecipeModel, error) {
return models.RecipeModel{}, errors.New("not implemented")
func (rr RecipeRepository) Get(id int) (domain.RecipeEntity, error) {
return domain.RecipeEntity{}, errors.New("not implemented")
}
func (rr RecipeRepository) Update(id int, entity models.RecipeModel) error {
func (rr RecipeRepository) Update(id int, entity domain.RecipeEntity) error {
return errors.New("not implemented")
}

View File

@ -4,7 +4,7 @@ import (
"database/sql"
"errors"
"fmt"
"go-cook/api/models"
"go-cook/api/domain"
"time"
"github.com/huandu/go-sqlbuilder"
@ -17,11 +17,12 @@ const (
)
type IUserTable interface {
GetByName(name string) (models.UserModel, error)
GetByName(name string) (domain.UserEntity, error)
Create(name, password string) (int64, error)
Update(id int, entity models.UserModel) error
Update(id int, entity domain.UserEntity) error
UpdatePassword(name, password string) error
CheckUserHash(name, password string) error
AddScope(name, scope string) error
}
// Creates a new instance of UserRepository with the bound sql
@ -35,7 +36,7 @@ type UserRepository struct {
connection *sql.DB
}
func (ur UserRepository) GetByName(name string) (models.UserModel, error) {
func (ur UserRepository) GetByName(name string) (domain.UserEntity, error) {
builder := sqlbuilder.NewSelectBuilder()
builder.Select("*").From("users").Where(
builder.E("Name", name),
@ -44,12 +45,12 @@ func (ur UserRepository) GetByName(name string) (models.UserModel, error) {
rows, err := ur.connection.Query(query, args...)
if err != nil {
return models.UserModel{}, err
return domain.UserEntity{}, err
}
data := ur.processRows(rows)
if (len(data) == 0) {
return models.UserModel{}, errors.New(ErrUserNotFound)
if len(data) == 0 {
return domain.UserEntity{}, errors.New(ErrUserNotFound)
}
return data[0], nil
@ -77,7 +78,7 @@ func (ur UserRepository) Create(name, password string) (int64, error) {
return 1, nil
}
func (ur UserRepository) Update(id int, entity models.UserModel) error {
func (ur UserRepository) Update(id int, entity domain.UserEntity) error {
return errors.New("not implemented")
}
@ -109,8 +110,26 @@ func (ur UserRepository) CheckUserHash(name, password string) error {
return nil
}
func (ur UserRepository) processRows(rows *sql.Rows) []models.UserModel {
items := []models.UserModel{}
func (ur UserRepository) AddScope(name, scope string) error {
builder := sqlbuilder.NewUpdateBuilder()
builder.Update("users")
builder.Set (
builder.Assign("Scopes", scope),
)
builder.Where(
builder.Equal("Name", name),
)
query, args := builder.Build()
_, err := ur.connection.Exec(query, args...)
if err != nil {
return err
}
return nil
}
func (ur UserRepository) processRows(rows *sql.Rows) []domain.UserEntity {
items := []domain.UserEntity{}
for rows.Next() {
var id int
@ -118,15 +137,17 @@ func (ur UserRepository) processRows(rows *sql.Rows) []models.UserModel {
var hash string
var createdAt time.Time
var lastUpdated time.Time
err := rows.Scan(&id, &name, &hash, &createdAt, &lastUpdated)
var scopes string
err := rows.Scan(&id, &name, &hash, &createdAt, &lastUpdated, &scopes)
if err != nil {
fmt.Println(err)
}
items = append(items, models.UserModel{
items = append(items, domain.UserEntity{
Id: id,
Name: name,
Hash: hash,
Scopes: scopes,
CreatedAt: createdAt,
LastUpdated: lastUpdated,
})

21
api/services/env.go Normal file
View File

@ -0,0 +1,21 @@
package services
import (
"go-cook/api/domain"
"log"
"os"
"github.com/joho/godotenv"
)
func NewEnvConfig() domain.EnvConfig {
err := godotenv.Load()
if err != nil {
log.Println(err)
}
return domain.EnvConfig{
AdminToken: os.Getenv("AdminToken"),
JwtSecret: os.Getenv("JwtSecret"),
}
}

View File

@ -3,7 +3,7 @@ package services
import (
"database/sql"
"errors"
"go-cook/api/models"
"go-cook/api/domain"
"go-cook/api/repositories"
"strings"
@ -36,12 +36,6 @@ func (us UserService) DoesUserExist(username string) error {
}
func (us UserService) DoesPasswordMatchHash(username, password string) error {
//passwordBytes := []byte(password)
//hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
//if err != nil {
// return err
//}
model, err := us.GetUser(username)
if err != nil {
return err
@ -55,18 +49,18 @@ func (us UserService) DoesPasswordMatchHash(username, password string) error {
return nil
}
func (us UserService) GetUser(username string) (models.UserModel, error) {
func (us UserService) GetUser(username string) (domain.UserEntity, error) {
return us.repo.GetByName(username)
}
func (us UserService) CreateNewUser(name, password string) (models.UserModel, error) {
func (us UserService) CreateNewUser(name, password string) (domain.UserEntity, error) {
err := us.CheckPasswordForRequirements(password)
if err != nil {
return models.UserModel{}, err
return domain.UserEntity{}, err
}
us.repo.Create(name, password)
return models.UserModel{}, nil
return domain.UserEntity{}, nil
}
func (us UserService) CheckPasswordForRequirements(password string) error {

1
go.mod
View File

@ -25,6 +25,7 @@ require (
github.com/google/uuid v1.5.0 // indirect
github.com/huandu/go-sqlbuilder v1.25.0 // indirect
github.com/huandu/xstrings v1.3.2 // indirect
github.com/joho/godotenv v1.5.1 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/labstack/echo-jwt/v4 v4.2.0 // indirect
github.com/labstack/echo/v4 v4.11.4 // indirect

2
go.sum
View File

@ -43,6 +43,8 @@ github.com/huandu/go-sqlbuilder v1.25.0 h1:h1l+6CqeCviPJCnkEZoRGNdfZ5RO9BKMvG3A+
github.com/huandu/go-sqlbuilder v1.25.0/go.mod h1:nUVmMitjOmn/zacMLXT0d3Yd3RHoO2K+vy906JzqxMI=
github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=

View File

@ -3,6 +3,7 @@ package main
import (
"database/sql"
v1 "go-cook/api/handlers/v1"
"go-cook/api/services"
"log"
"net/http"
@ -21,6 +22,8 @@ func main() {
log.Fatal(err)
}
cfg := services.NewEnvConfig()
e := echo.New()
e.Validator = &CustomValidator{
validator: validator.New(),
@ -30,7 +33,7 @@ func main() {
e.Pre(middleware.Recover())
v1Group := e.Group("/api/v1")
v1Api := v1.NewHandler(db)
v1Api := v1.NewHandler(db, cfg)
v1Api.Register(v1Group)
e.Logger.Fatal(e.Start(":1323"))